Pool A Flashcards
Which of the following is an AWS managed Domain Name System (DNS) web service? A. Amazon Route 53 B. Amazon Neptune C. Amazon SageMaker D. Amazon Lightsail
Answer: A
A company wants to reduce the physical compute footprint that developers use to run code. Which service
would meet that needby enabling serverless architectures?
A. Amazon Elastic Compute Cloud (Amazon EC2)
B. AWS Lambda
C. Amazon DynamoDB
D. AWS CodeCommit
Answer: B
Explanation:
AWS Lambda is an integral part of coding on AWS. It reduces physical compute footprint by utilizing
awscloud services to run code.
Where can AWS compliance and certification reports be downloaded? A. AWS Artifact B. AWS Concierge C. AWS Certificate Manager D. AWS Trusted Advisor
Answer: A
Explanation:
WS Artifact is yourgo-to, central resource for compliance-related information that matters to you. It provides on-demand access to AWS’s security and compliance reports and select online agreements. The AWS
SOC 2 report is particularly helpful for completing questionnaires because it provides a comprehensive
description of the implementation and operating effectiveness of AWS security controls. Another useful
document is the Executive Briefing within the AWS FedRAMP Partner Package.
Which AWSservice would you use to obtain compliance reports and certificates? A. AWS Artifact B. AWS Lambda C. Amazon Inspector D. AWS Certificate Manager
Explanation:
AWS Artifact is your go-to, central resource for compliance-related information that matters toyou. It
provides on-demand access to AWS’ security and compliance reports and select online agreements.
Reports available in AWS Artifact include our Service Organization Control (SOC) reports, Payment Card
Industry (PCI) reports, and certifications from accreditation bodies across geographies and compliance
verticals that validate the implementation and operating effectiveness of AWS security controls.
Agreements available in AWS Artifact include the Business Associate Addendum (BAA) and the
NondisclosureAgreement (NDA).
A customer would like to design and build a new workload on AWS Cloud but does not have the
AWS-related software technical expertise in-house.
Which of the following AWSprograms can a customer take advantage of to achieve that outcome?
A. AWS Partner Network Technology Partners
B. AWS Marketplace
C. AWS Partner Network Consulting Partners
D. AWS Service Catalog
Answer: C
Under the shared responsibility model, which of the following tasks are the responsibility of the AWS
customer? (Select TWO.)
A. Ensuring that application data is encrypted at rest
B. Ensuring that AWS NTP servers areset to the correct time
C. Ensuring that users have received security training in the use of AWS services
D. Ensuring that access to data centers is restricted
E. Ensuring that hardware is disposed of properly
Answer: A C
Which AWS services should be used for read/write of constantly changing data? (Select TWO.) A. Amazon Glacier B. Amazon RDS C. AWS Snowball D. Amazon Redshift E. Amazon EFS
Answer: B E
Explanation:
https://aws.amazon.com/efs/?nc2=type_a
When performing a cost analysis that supports physical isolation of a customer workload, whichcompute
hosting model should be accounted for in the Total Cost of Ownership (TCO)?
A. Dedicated Hosts
B. Reserved Instances
C. On-Demand Instances
D. No Upfront Reserved Instances
Answer: A
Explanation:
Use Dedicated Hosts to launch Amazon EC2 instances on physical servers that are dedicated for your use.
Dedicated Hosts give you additional visibility and control over how instances are placed on a physical
server, and you can reliably use the same physical server over time. As a result, Dedicated Hosts enable
you to use your existing server-bound software licenses like Windows Server and address corporate
compliance and regulatory requirements.
Which of the following Identity and Access Management (IAM) entities is associated with an access key ID
and secret access key when using AWS Command Line Interface (AWS CLI)?
A. IAM group
B. IAM user
C. IAM role
D. IAM policy
Answer: B
Web servers running on Amazon EC2 access a legacyapplication running in a corporate data center. What term would describe this model? A. Cloud-native B. Partner network C. Hybrid architecture D. Infrastructure as a service
Answer: C
Which of the following security-related services does AWS offer? (Select TWO.)
A. Multi-factorauthentication physical tokens
B. AWS Trusted Advisor security checks
C. Data encryption
D. Automated penetration testing
E. Amazon S3 copyrighted content detection
Answer: C D
Which AWS tools assist with estimating costs? (Select three.)
A. Detailed billing report
B. Cost allocation tags
C. AWS Simple Monthly Calculator
D. AWS Total Cost of Ownership (TCO) Calculator
E. Cost Estimator
Answer: B C D
Explanation:
https://aws.amazon.com/premiumsupport/knowledge-center/estimating-aws-resource-costs/
Which AWS Cost Management tool allows you to view the most granular data about your AWS bill? A. AWS Cost Explorer B. AWS Budgets C. AWS Cost and Usage report D. AWS Billing dashboard
Answer: C
Explanation:
The AWS Billing Console gives you access to the most comprehensive information about your AWS costs
and usage. To see how your costs are tracking month-to-date, and which AWS services are the main cost
drivers, check out the AWSBilling Dashboard. To access to the most comprehensive information about your
AWS costs and usage, you can download the AWS Cost & Usage Report. To view your bill for any previous
month, you can access the Bills page.https://aws.amazon.com/aws-cost-management/details/
Which serviceenables risk auditing by continuously monitoring and logging account activity, including user
actions in the AWS Management Console and AWS SDKs?
A. Amazon CloudWatch
B. AWS CloudTrail
C. AWS Config
D. AWS Health
Answer: B
Which task is AWS responsible for in the shared responsibility model for security and compliance?
A. Granting access to individuals and services
B. Encrypting data in transit
C. Updating Amazon EC2 host firmware
D. Updating operating systems
Answer: C
Which AWS feature will reduce the customer’s total cost of ownership (TCO)? A. Shared responsibility security model B. Single tenancy C. Elastic computing D. Encryption
Answer: C
Explanation:
https://aws.amazon.com/compliance/shared-responsibility-model/
Which of the following are features of Amazon CloudWatch Logs?(Select TWO.)
A. Summaries by Amazon Simple Notification Service (Amazon SNS)
B. Free Amazon Elasticsearch Service analytics
C. Provided at no charge
D. Real-time monitoring
E. Adjustable retention
Answer: D E
Explanation:
https://aws.amazon.com/cloudwatch/faqs/
One of the advantages to moving infrastructure from an on-premises data center to the AWS Cloud is:
A. it allows thebusiness to eliminate IT bills.
B. it allows the business to put a server in each customer’s data center.
C. it allows the business to focus on business activities.
D. it allows the business to leave servers unpatched.
Answer: C
Which of the following AWS services can be used to serve large amounts of online video content with the lowest possible latency? (Select TWO.) A. appGateway B. Amazon S3 C. Amazon Elastic File System (EFS) D. Amazon Glacier E. Amazom CloudFront
Answer: B E
Explanation:
https://aws.amazon.com/pt/blogs/networking-and-content-delivery/amazon-s3-amazon-cloudfront-a-match
-mad
Which AWS services are defined as global instead of regional? (Select TWO.) A. Amazon Route 53 B. Amazon EC2 C. Amazon S3 D. Amazon CloudFront E. Amazon DynamoDB
Answer: A D
What is the AWS customer responsible for according to the AWS shared responsibility model? A. Physical access controls B. Data encryption C. Secure disposal of storage devices D. Environmental risk management
Answer: B
Which of the following is a correctrelationship between regions, Availability Zones, and edge locations?
A. Data centers contain regions.
B. Regions contain Availability Zones.
C. Availability Zones contain edge locations.
D. Edge locations contain regions.
Answer: B
Which AWS services can host a Microsoft SQL Server database? (Select TWO.)
A. Amazon EC2
B. Amazon Relational Database Service (Amazon RDS)
C. Amazon Aurora
D. Amazon Redshift
E. Amazon S3
Answer: A B
Where are AWS compliance documents, such as an SOC 1 report, located? A. Amazon Inspector B. AWS CloudTrail C. AWS Artifact D. AWS Certificate Manager
Answer: C